<?php

	//接收前端AJAX提交的数据
	$username = $_POST['username'];

	$pwd = $_POST['pwd'];

	$desc = $_POST['desc'];

	$photo = $_FILES['photo'];

///////////////////////////////////////////////////////////////////////////////////////
	//安检规范检查

////////////////////////////////////////////////////////////////////////////////////

	//图像上传
	$dirname = '../upload';

	if (!is_dir($dirname)){
		@mkdir($dirname);
	}

	$newPhotoName = time(); //新名字

	$pathinfo = pathinfo($photo['name']); //xxxx.jpg 转成数据
	$extension = $pathinfo['extension']; //扩展名

	//完整路径
	$newPath = $dirname.'/'.$newPhotoName.'.'.$extension;

	//上传图片
	move_uploaded_file($photo['tmp_name'],$newPath);

//////////////////////////////////////////////////////////////////////////////////////////////////////

	//数据库连接
	include '../include/common.php';

	$username = substr(sha1($username),3,25); //25位长度
	$pwd = substr(sha1($pwd),5,25);

	//语句
	$query = "INSERT INTO admin (username,pwd,desc2,photo) VALUES ('".$username."','".$pwd."','".$desc."','".$newPath."')";

	//执行语句
	mysqli_query($conn,$query);

	//执行结果
	$rs = mysqli_affected_rows($conn);

	if ($rs>0){
		$res = 'success';
	} else {
		$res = 'fail';
	}

	$arr['result'] = $res;
	$arr['path'] = $newPath;

	echo json_encode($arr);


?>